September 5, 2013

Welcome to the latest newsletter.

We kiss goodbye to the summer on a high, with our subscriber list passing the 7000 mark and an unexpected heat wave to squeeze out the last few drops of sunshine ;)

This week we have some sound advice for library authors, and a variety of tutorials involving QR codes, debugging and parameters.

Enjoy the sunshine,



5 Of The Best PHP Frameworks For Programmers
This is a topic that is not very well understood by people who jump into the development pool. PHP frameworks help to promote rapid application development, which saves you time, helps build more stable applications and reduces the amount of repetitive coding for developers. Frameworks can also help beginners build more stable apps by ensuring proper database interaction and coding on the presentation layer. This allows you to spend more time creating the actual web application, instead of spending time writing repetitive code and writing the tools for your project.

Library Authors: Don't Provide An Exploitable Interface
SQL injection is a pretty big deal. Its cousin shell injection is also a common issue, demonstrated quite well by a recent post to the PHP reddit. Although some suspect it was a troll, I heard echoes from a variety of people who had seen pretty much exactly the same vulnerability in production. This got me thinking: People writing libraries for doing things like shell commands, SQL, etc., don’t actually have to provide an interface that can be easily misused. An interface like this could just as easily be based on some other data type besides a plain string, completely sidestepping issues caused by concatenation. “What on earth are you talking about?” – Let me explain…

Tutorials and Talks

Xdebug - Professional PHP Debugging
Xdebug is an extension for PHP to make your life easier while debugging your code. Right now, you may be used to debugging your code with various other simple solutions. These include using echo statements at different states within your program to find out if your application passes a condition, or to get the value of a certain variable. Furthermore, you might often use functions like var_dump, print_r or others to inspect objects and arrays. 

How to Build a Dynamic Imgur Upload App Using jQuery & PHP
Many new online web services are providing backend APIs for developers. These allow anyone to connect into a web app and pull out specific information (or push or change bits of data). Today we’re specifically looking at the API for Imgur.

Creating QR Codes with PHP and Silex
Today we’re going to play with QR codes and how to use them within a Silex application, using one Service Provider. First we need a QR code generator. If we find it in Packagist we can see various libraries. We are going to use the library: endroid/qrcode.

Updating the PHP Syntax Highlighter in Notepad++
After using Notepad++ for a while, there was something about the PHP syntax highlighter that bothered me. Some functions like array_key_exists() were highlighted beautifully while other common functions like sizeof() didn’t receive the treatment. Why is it this way? Fortunately, there’s a quick, manual solution to this problem.

Secure login form with PHP and MySQL
Here, we’ll run through how to create a simple but secure login system in PHP, discuss validation and then consider how to extend the system to be even better.

Named Parameters in PHP
Converting a Python Twitter API package to PHP turned out to be more trouble than I initially expected due to the usage of Python's named parameters. 

CurlFile and the Facebook SDK in PHP 5.5 
One of the features implemented in PHP 5.5 was CurlFile, a nice addition to the Curl extension to allow you to specify specific arguments as a file for upload. 

Potential Variadic Function Syntax for PHP 5.6 
An awesome RFC popped up the other day: Syntax for variadic functions, developed by Nikita Popov. I read through it and I loved it, but I did have to Google to see what the hell a variadic function was. This is what happens when you teach yourself how to code. You know how to do things, but don't know any of the words. Variadic functions are already possible in PHP and have been throughout 4.x and 5.x in the form of func_get_args(), which is pretty gross. It's used for functions where you want to have an unlimited number of functions. 

PHPUnit, Composer, PHPStorm, Oh my!
Installing PHPUnit within a project via Composer, then running tests through PHPStorm is not an intuitive process. However, with the right steps it’s actually pretty simple.

Decoupling from Symfony Security and FOSUserBundle 
In this blog post I will show how to decouple your core application from the Symfony Security component and User Bundles, such as the FOSUserBundle.

News and Announcements

PHPBenelux Conference Antwerp 2014 - Call for Proposals 
It’s that time of the year again! The call for proposals is here. This is your chance to grab the microphone on stage, hook up your laptop and teach the world how to make better PHP sites and applications! Seen anything new lately which gave you a lot of cool insights? Do you feel like an expert on a certain topic? Why not share it with other developers? We have now opened up our Call for Proposals (CfP) for you to start submitting your talks.

Sunshine PHP Conference 6-8th February 2014 
The PHP community in South Florida (SoFloPHP) has organised a PHP developer conference in Miami from February 6th - 8th, 2014, and you're invited! We will host some of the best speakers, awesome talk topics, latest technologies and up to date news in PHP. And don't forget a Hack-a-thon and Unconference!

Nomad PHP US Chapter - September 26th 2013 
Brandon Savage presents Beautiful Models In PHP. Do you find yourself frustrated by the creation of models in the model view controller architecture? Does the lack of a standard method for model creation drive you crazy? Come and find out how to avoid the pitfalls of creating models in PHP. Learn how to build models that will last, no matter the next technology fad!

Nomad PHP European Chapter - September 26th 2013
Luke Stokes presents Hypermedia ALL THE THINGS! A company’s move from POX to HATEOAS. You may have been told you’re doing REST “wrong,” but you don’t know why. You may have heard the term “Hypermedia API,” but you’re not really sure what that means. You may also know quite a bit about APIs, but want to see an API that’s done “right.” If so, this talk is for you. We’ll explore FoxyCart’s API move from POX to HATEOAS and some new ways of documenting and thinking about Hypermedia APIs.

Reading and Viewing

WordPress Multisite Administration (by Tyler L. Longren, published 26th August 2013)
A concise guide to set up, manage and customise your blog network using WordPress multisite.

CakePHP - Quick Reference Guide (by Kevin Naidoo, published 2nd Sep 2013) 
CakePHP quick reference guide is a convenient, compact and essential reference guide with tons of sample code snippets to aid you in your development process. Code samples include most of the fundamental methods and attributes of controllers, models, views, components and helpers.

PHP Town Hall Episode 10: Postgres, Bla, Bla, Cider
This time around we’re joined by Selena Deckelmann who, as a Postgres contributor, talks to us about some of the burning questions many PHP developers often have about Postgres when considering it as a replacement for PHP’s de facto standard relational DB: MySQL.


If you have a position that needs filling, let us know and we will include it.

Performance Telecom (UK) seek freelancer (Remote worker) - Python and PHP Developer
This position is primarily Python, but PHP skills are also required.

Senior PHP Developer in Bucharest, Romania
We are searching for a passionate PHP developer who will be part of a team of senior programmers and experienced testing engineers, directly involved in technical development projects, using Agile Scrum as methodology.

PHP Engineers for Bright.Com in San Francisco
We are looking for PHP engineers to join our growing team! The ideal candidate is language agnostic, and can work with both scripting languages (such as Python and PHP) as well as strongly typed languages (such as C++ and Java), and has a passion for taking an idea and exploring, tinkering, debating, and demonstrating the fastest, most efficient, flexible and scalable implementation approaches. Experience working with traditional SQL databases as well as newer technologies, indexes and data stores is key (such as Solr, ElasticSearch, Redis, or Neo4j), and you must be comfortable using Linux and other open source technologies.

Ballers Bridge is Hiring a Sr. Yii Developer
We are looking for a motivated and outstanding candidate to lead our product development. The ideal candidate is an experienced problem solver, quick thinker/learner, self-motivated and not afraid of challenges.

Message Digital Design Ltd is Hiring a Web Developer (PHP) 
We are looking for an experienced developer to work in our spacious offices in central Brighton, helping to deliver high-quality websites, e-commerce and online systems to a wide range of clients. At Message we give a damn about building the web the right way, and the successful applicant will too.

Interesting Projects, Tools and Libraries

A PHP mode for GNU Emacs. This updates PHP Mode with features to make it more friendly to use with PHP 5.4 and later.

MightyMouse (MM) is a fast and modular PHP MVC framework.

PHP translator with plural forms support. Can be also used with Nette. This library is compatible with node package translator.

Plugin for CakePHP2 to use Bootstrap, from Twitter (CSS JS Framework)

Integrates the Recurly API with Laravel 4. A simple Laravel 4 service provider for including the Recurly PHP Client.

This project was created in order to provide project skeleton to start a new PHP project. Various config files are ready for continuous integration.

PHPoAuthLib provides oAuth support in PHP 5.3+ and is very easy to integrate with any project which requires an oAuth client.

This is a simple but faster URL http routing library.

PHP Object Proxy System. Pops is a system for wrapping PHP objects in other objects to modify their behaviour. A Pops proxy will, as much as possible, imitate the object it wraps. It passes along method calls and returns the underlying result, and allows transparent access to properties (for both setting and getting). Pops is the underlying system behind Liberator.

Social authentication library for PHP 5.3+
